libvirt CVE-2012-2693 Multiple Local Security Bypass Vulnerabilities

http://www.securityfocus.com/bid/54126

Security Info

Bugtraq ID:	54126
Class:	Access Validation Error
CVE:	CVE-2012-2693
Remote:	No
Local:	Yes
Published:	Jun 20 2012 12:00AM
Updated:	Jul 03 2012 10:20AM
Credit:	Red Hat
Vulnerable:	Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6

Not Vulnerable:

Security Discussion

libvirt is prone to multiple local security-bypass vulnerabilities.

Successfully exploiting these issues may allow an attacker to bypass certain security restrictions and gain unauthorized access.

Proof of Concept and Security Exploits

Currently, we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.

Security Solution(s)

Solution:
Updates are available. Please see the references for more information.

Security References(s)

References:

libvirt Homepage (libvirt )

Emagined Security Blog featuring Dr. Eugene Schultz

Secure Web Programming
by Vizual Services